Privacy Policy
Effective date: February 21, 2026 | Last updated: February 21, 2026
1. Purpose of Collection and Use of Personal Data
AIM ("the Service") collects the minimum personal information necessary to provide todo management, workout logging, goal planning, and nutrition management features. Collected information is used only for the following purposes.
- Identifying users and managing access to the Service
- Improving the Service and resolving technical issues
- Handling user requests such as support inquiries and account deletion
2. Personal Data We Collect
| Category | Data | Collection Method |
|---|---|---|
| Required | Social sign-in identifiers (unique Apple/Google IDs) and email address when provided | Collected automatically during social sign-in |
| Optional | Birth year, gender, height, weight, workout records, todos, goals, and nutrition data | Entered directly by the user |
| Automatically Collected | Device information (OS and version), access logs, and error logs | Generated automatically while using the Service |
3. Retention and Use Period
- Upon account deletion: all stored data is deleted immediately.
- Retention required by law: if applicable law requires retention, the data is kept only for the legally required period.
4. Provision of Personal Data to Third Parties
AIM does not provide users' personal data to third parties in principle. Exceptions apply only in the following cases.
- When the user has given prior consent
- When disclosure is required by applicable law
5. Outsourced Processing
| Provider | Purpose |
|---|---|
| Supabase Inc. | Database hosting and authentication services |
| Google LLC / Apple Inc. | Social sign-in authentication |
6. Rights of Data Subjects
Users may exercise the following rights at any time.
- Request access to personal data
- Request correction of inaccurate information
- Request deletion
- Request suspension of processing
You can make these requests directly through Settings > Delete Account in the app or by contacting us using the information below.
7. Technical and Administrative Security Measures
- TLS (HTTPS) encryption is applied during data transmission
- Authentication tokens are stored in the device secure storage (SecureStore)
- User data is isolated through Row Level Security (RLS) policies
- Passwords are not stored because the Service uses social sign-in only
8. Privacy Contact
- Team: mildolab
- Email: contact@mildolab.com
9. Changes to This Policy
This Privacy Policy may be updated to reflect changes in applicable laws or changes to the Service. Any updates will be announced in the app or on this page.